DoD News

News Article

Sharing Intelligence Helps Contractors Strengthen Cyber Defenses

By Donna MilesAmerican Forces Press Service

BALTIMORE, Aug. 16, 2011  A new pilot program in which the Defense Department shares classified threat intelligence with defense contractors or their commercial Internet service providers is showing promise in increasing their cyber defenses and preventing enemy intrusions into sensitive government networks, Deputy Defense Secretary William J. Lynn III said today.

About midway through the 90-day pilot, launched in partnership with the Homeland Security Department, Lynn said the pilot is bearing fruit among about 20 participating companies that operate DOD networks.

“Already, the pilot has shown us hundreds of signatures we wouldn’t previously have seen” and stopped hundreds of attempted intrusions, Lynn reported. He noted that loading these signatures onto existing systems dramatically increases cybersecurity.

“So in the coming months, we are looking at the possibility of deepening the defense industry involvement in this pilot [and] bringing more and more companies” into the program, he said.

Lynn called intelligence the “special sauce” that enables participating companies to improve their cyber defenses. DOD shares threat intelligence provided by U.S. Cyber Command and the National Security Agency, along with expertise so they can employ it for network defense.

The companies, in turn, use the intelligence and expertise to protect networks they operate for DOD.

“We rely on private-sector networks and services to operate nearly every facet of the department,” Lynn told today’s gathering. “And the fact is that the private firms we depend on are susceptible to the same cyber threats we seek to protect dot-mil networks from.”

Over the past decade, “we have lost terabytes of data” through intrusions and attacks on defense companies’ corporate networks, Lynn said. Some of the stolen data was relatively mundane, involving specifications for small parts of tanks, airplanes and submarines.

“We realize that we must help our partners protect their networks,” he said.

Meanwhile, DOD is looking toward other government agencies to see if this same concept can be applied to protect other sectors, including power, transportation and energy sectors. DIB Cyber Pilot “is intended to demonstrate that we can utilize this public-private partnership to protect critical infrastructure networks, starting with the defense sector,” Lynn said.

Lynn called on DISA and DOD’s industry partners to help make the new concept work.

“This is not a type of problem like air defense where the military can take the mission largely on its own. Nor is it an area in which the private sector can do everything they need to do on their own,” he said. “It has to be a partnership between the types of capabilities and intelligence the government can bring, and the types of capabilities and technology the private sector can bring. And those two need to be combined to protect our vital infrastructure.”

This cooperation is critical to the success of the new DOD strategy for operating in cyberspace, which recognizes the importance of cyber defenses to prevent enemies from exploiting, disrupting or destroying critical networks.

“In the face of this threat, we have a window of opportunity to develop much more substantial defenses, not only on our military and government networks, but also the networks that support our critical infrastructure,” Lynn said.

“We must have the capability to defend against the full range of cyber threats,” he said. “That is indeed the goal of the department’s cyber strategy, and it is why we are pursuing the strategy with such urgency.”

Comments

Article is closed to new comments.

The opinions expressed in the following comments do not necessarily reflect those of the U.S. Department of Defense.

8/19/2011 10:45:09 AM
Another bit of advice: cyber stuff can be pretty confusing to non-techies (Google “Rockwell Turbo Encabulator&quot;), but there are tricks to judge if the tech services company they hired is really any good. One trick is to give them a simple, understandable task like, say, creating a simple website – nothing fancy, just containing news &amp; info, and allowing for comments. Basic web stuff nowadays and easy to compare to similar enough sites.
In this example, one thing to look for is how those comments are handled: poorly created web sites often can’t handle comments containing quote marks or parentheses (e.g., this is a &quot;quote&quot;) without the results getting a bit scrambled. Even a simple new line,
Like this for example,
might not work properly. Modern, properly coded sites should not have such problems, so if an IT services company can't manage this, or even just call attention to it when it was done by someone else, that should at least raise an eyebrow or two.- CallMeBC, This place

8/16/2011 10:09:00 PM
“Already, the pilot has shown us hundreds of signatures we wouldn’t previously have seen&quot;?!?
Really? You would kind of get something like this if you just switched from McAfee to Norton -- that's an utterly inconsequential result. By this criteria, switching to a top ranked AV like Kaspersky or Avira would be tantamount to a major breakthrough. The usual bunch of defense (whoops, I mean &quot;security&quot;) contractors who tend to end up with DoD funding have repeated demonstrated that they are simply not up to dealing with top notch hackers and malware writers, and that this situation is not exactly improving. Better to seek out and locate, CIA-style, friendly-enough cyber &quot;assets&quot; with high level skills and try to recruit them. Treat them right and you might be surprised at what you can get for rounding-error money. - CallMeBC, This place